[strongSwan] Strongswan 4.5.2 sending IKEv2_INFORMATIONAL_REQUEST with wrong flags
Tobias Brunner
tobias at strongswan.org
Fri Sep 7 15:57:35 CEST 2012
Hi Avishek,
> I am talking about the INFORMATIONAL Delete Request for the old Child SA.
> The flags are all Zero i.e 0x00.
What's wrong with that? It is clearly a request so the response flag is
zero and if strongSwan was the initial responder (i.e. it did *not*
initiate the IKE_SA) then the initiator flag must also be zero (you did
not write if strongSwan was initiator or not) - this flag could only
change when the IKE_SA is rekeyed (not when CHILD_SAs are rekeyed). The
version flag is always zero for IKEv2 and the rest of the bits are
reserved and zero too.
Regards,
Tobias
More information about the Users
mailing list